Philippine Hackers Deface Sites To 'Expose Flaws'

[InfoSec News <isn () c4i org>]

http://www.newsbytes.com/news/01/172496.html

By Melvin G Calimag, Metropolitan Computer Times
MANILA, PHILIPPINES,
28 Nov 2001, 1:10 PM CST
 
Saying they're out to help Philippine-based system administrators and
MIS managers discover "flaws in the their computer systems," a group
of Filipino "freelance security enthusiasts" called Team Asianpride
recently went on a hacking spree.
  
Among the first victims of the group's nasty undertaking, which took
place in the early hours of Nov. 17, were the Web sites of ABS-CBN
(http://www.abs-cbn.com ) and Mosaic Communications
(http://www.mozcom.com) .

ABS-CBN is the country's largest broadcasting company, while MosCom is
the first commercial ISP in the Philippines.

A message that the hacker group posted at the defaced ABS-CBN Web
site, said the hacks were part of their scheme dubbed as "The 4
O'Clock project."

The project has the intention was to "disseminate the importance of
Information security here in the Philippines," the group said.

The defacement was said to have lasted only a few minutes before the
sites' main pages was restored.

ABS-CBN Interactive, the division that operates the broadcast giant's
online version, has refused to divulge details of the incident.

In its message on the defaced ABS-CBN Web site, Team Asianpride said:
"This team has conducted a survey by scanning random hosts and
informing these people on these technicalities and encourage them to
fix their servers up.

"We have no intention, however, of destroying, and/or information
hijacking, and any other related activities. We are not paid to do
this," it added.

The hackers said they have found that more than 90 percent of the
servers can be exploited through common vulnerabilities in their
systems. The group added they had already tried to bring this matter
to the attention of the system administrators, but to no avail.

"Inasmuch as we would like to help the administrators secure the
different servers by trying to communicate to them personally, we have
been subjected to insult, despite our professional approach," the
group said.

Team Asianpride lashed out at MIS managers and system administrators,
who despite their alleged condescending view on the group still
allowed flaws to exist in their systems.

"And also despite the fact that we have informed them of their
vulnerability, still these administrators failed to respond. They
scorned us with their witty remarks bragging what degrees we have and
thinking that we know less."

The group said they chose to hack on the ABS-CBN Web site since the
site's administrator has failed to respond in their attacks.

"What we haven't seen is a productive result following these kind of
responses. Yes, we are eager to help you out, but you pushed us way
far gentlemen, too far, indeed."

MosCom, meanwhile, said its engineers detected the intrusion this
morning. The ISP said the site was immediately redirected to a
maintenance page, while at the same time reformatting the hacked
server, which was later uploaded with security patches.

"Of the more than 20 servers at our data center, only one old Web
server was affected by the incident. This prevented the access of some
of the Web sites hosted in that server," MosCom said in a statement.

Company officials have vowed to investigate the matter and go after
the attackers. "All the necessary measures are being done as to avoid
the incident from happening again," MosCom officials said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.